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[57] ABSTRACT 

An encryption control system to process an input transport 
data stream into an output transport data stream includes an 
input demultiplexer, a first secure microprocessor, a second 
secure microprocessor and an output multiplexer. The input 
transport data stream includes first entitlement managment 
message data. The input demultiplexer culls the first entitle- 
ment managment message data from the input transport data 
stream, the first entitlement management message data 
including an encrypted multi-session key. The first secure 
microprocessor processes the first entitlement management 
message data to recover the multi-session key by decrypting 
the encrypted multi-session key using a first algorithm. The 
second secure microprocessor re -encrypts the multi-session 
key using a second algorithm and formats second entitle- 
ment management message data based on the first entitle- 
ment management message data with the re-encrypted 
multi-session key substituted for the encrypted multi-session 
key. The output multiplexer provides the output transport 
data stream based on the input transport data stream with the 
second entitlement management message data substituted 
for the first entitlement management message data. 

7 Claims, 10 Drawing Sheets 



150 



112 



NATIONAL 
IDS 



DEMUX 



154 

NATIONAL ENCRYPTED SERVICE 



UNENCRYPTED 





SERVICE 




DECRYPT 




ENCRYPT 


SERVICE 




SERVICE 



NATIONAL EMM 



156 LOCAL 
ENCRYPTED 
SERVICE 



NATIONAL ECM 



DECRYPT 
MSK 



DECRYPT 
MSK 



I^nK^ ^^24 
122 



MSK 

7 



'142 



126 



152" 



SEED 
CEN 



ENCRYPT 
MSK 



DECRYPT 
USK 



122 



M26 



144 



120 



130 



114 



LOCAL 
TDS 



MUX 



LOCAL ECM 



07/12/2004, EAST Version: 1.4.1 



U.S. Patent Aug. lo, 1999 sheet 1 of 10 5,937,067 




07/12/2004, EAST Version: 1.4.1 



U.S. Patent 



Aug. 10, 1999 



Sheet 2 of 10 



5,937,067 




O 
UJ 



CM 



11 



CM 



V 



e 

UJ 

to 



o 



g 



CD 
CNJ 



o 



o 



to 
to 



"Wo 



o UJ _ 

0 03 Z 
^ 3 UJ 
UJ^ O 

to 
a. 



CO 



Z O -3 

CO 25 o 
r=3.'UJ 



to 



oo 



to 

to 



i 

o 
o 



to 



o 
m 
o. 



07/12/2004, EAST Version: 1.4.1 



U.S. Patent Aug. 10,1999 sheet 3 of 10 5,937,067 




07/12/2004, EAST Version: 1.4.1 



U.S. Patent 



Aug. 10, 1999 



Sheet 4 of 10 



5,937,067 




07/12/2004, EAST Version: 1.4.1 



U.S. Patent 



Aug. 10, 1999 



Sheet 5 of 10 



5,937,067 



O 
CO 



V 



UJ 

.CP 



O 



I 



^ y m 
5 g 



i 



o 



UJ z 

8^ 



« }^ 5 g 

O 



s 75 o 



CO 
LU 

Q. 
I 

CO 
GL 



P q; O ce S 
Q_ o a. Q- 

I I I I I 



O 



CO 



CO 



CD 



8 



I I 



Q^l— I— I— h-So*— • 



5 
I 



I 

s. 
o 



to CO 



CO 
Q. 



i 



5= 



o 



>< 

Us 



03 

CO 



\ 



CO 
Q_ 



r 



CO 



s 



i: 

s 



i: 



E 



CO 
CO 



CO 



E 



CO 



f2 



00 

I 

C3 



S 



CO 



s 

a. 



o 
a. 



CO 
Q. 



5^ 

a:: 
o 



CD 

car 
a_ 



07/12/2004, EAST Version: 1.4.1 



U.S. Patent Aug. lo, 1999 Sheet 6 of 10 5,937,067 




07/12/2004, EAST Version: 1.4.1 



U.S. Patent Aug. lo, 1999 sheet 7 of 10 5,937,067 




07/12/2004, EAST Version: 1.4.1 



U.S. Patent 



Aug. 10, 1999 Sheet 8 of 10 

i 



5,937,067 




o 



07/12/2004, EAST Version: 1.4.1 



U.S. Patent Aug. 10,1999 sheet 9 of 10 



5,937,067 




CO 





ICE 


ENCF 




LlJ 








:CRYPT 


:rvice 


0 






07/12/2004, EAST Version: 1.4.1 



U.S. Patent Aug. 10,1999 sheet 10 of 10 5,937,067 




07/12/2004, EAST Version: 1.4.1 



5,937,067 

1 2 

APPARATUS AND METHOD FOR LOCAL serial number (used as an address). In FIG. 2A, secret serial 

ENCRYPTION CONTROL OF A GLOBAL number SSN and public serial number PSN for a particular 

TRANSPORT DATA STREAM decoder are retrieved from memory 18. Secret serial number 

SSN is provided to cncryptcr 26, and public serial number 

BACKGROUND OF THE INVENTION s psN is provided to multiplexer 20. When the bill has been 

1. Field of the Invention timely paid, multiplexer 20 prepares encrypted multi-session 
The present invention relates to conditional access cable transport to the decoder whose address is pubHc 

television systems. In particular, the invention relates to a ^^^^^^ number PSN. 

system by which a local cable headend operator may control In FIG. 2B, the corresponding secret serial number SSN 

access by his subscribers to a global or national transport ^° and associated public serial number PSN is stored in 

data stream. memory 32 of decoder 40. Public serial number PSN is 

2. Description of Related Art provided to demultiplexer 30 so that demultiplexer 30 can 
FIG. lA depicts conveutional encryptor 2. Unencrypted f^"], an enc^^pted multise^ion key addressed to the 

payload data UPD is processed using encryption key EK ^^""f' ^^^"^ ^'"^ "f"'"'' which corre- 

into encrypted payload data at output OUT of encryptor 2. f "'^ ^'i"" ^^I^-'^'' 

FIG. IB depicts conventional decryptor 4. Encrypted pay- Encrypted mulU-session key E^^(MSK) is decrypted 

load data EPD is processed using decryption key DK in ^""y^J?' ^ "^.'"8 ^^"^ 

decryptor 4 to produce decrypted payload data at output "^'-^O' 32 to provide multi-session key MSK. Demulti- 

OUT of decrvplor 4 r / r plexer 30 also selects from transport data stream TDS 

in/-. 1A J • . 1 J T-T/- J • , ^° encrypted seed E^sic (SEED). The encrypted seed is pro- 

FIG. 2Adepicts convenUonal encoder 10. FIG. 2B depicts decrypto^^6 using multi-session key MSK as the 

conventional decoder 40. In FIG. 2A service provider 12 j tion key to provide the unencrypted seed. The unen- 

provides digital services, for example, MPEG encoded ^^ preferably changes at a high rate, for example, 

moUon pictures, digital sound recordmgs, software, games ^^^^ Demultiplexer 30 also selects from 

eta, for transport to decoder 40. The service IS encrypted ^ ^^^^ ^^^^^^ encrypted service E,^^^ 

under a seed from pseudo-random number seed generator (service). TTie encrypted service is processed in decryptor 

14. Encryptor 22 processes the service data usmg the seed as ^^\u^ a i * *u 

. •'^.-^ ^ usmg the seed as the decryption key to recover the 

the encryption key to produce encrypted service E^^^ unencrypted service 

(SERVICE). The encrypted service is combined in multi- ^ , , ^ ^ , i. 

plexer 20 and placed into transport data stream TDS. Id 30 , for the delivery of mulu-session 

order for decoder 40 to recover the service data from the ^^^P^^ ^ S. Pat. No. 5,029^07 to 

encrypted service data, decoder 40 must be provided with Gammie incorporated herein by reference mulU -session 

jjjg ggg^ key MSK is twice encrypted at the encoder and twice 

The seed is distributed in the transport data stream TDS ^^7f ^'^^ ^^""f'': ] ^^P^^^^^^le security 

in a broadcast mode (i.e., all decoders receive the seed at the 35 "'^^^^^ ' ^^'^ "^"^''^^ '^'"^'^^ 

same time). The seed must be encrypted to avoid exploita- Furthermore, m order to defeat data pirates, memory 32. 

tion by possible data pirates. The seed is encrypted in and decryptors 34 and 36 (FIG. 2B) and memory storage for 

encryptor 24 using multi-session key MSK to provide multi-session key MSK (not shown) arc mechanized within 

encrypted seed E^^ (SEED). Muhi-session key MSK * ^^^^^ microprocessor that demes pirates access to keys 

comes from the service distributor 16. Encrypted seed E^.^^ 40 ^though a pirate would stiU have access to 

(SEED) is placed in transport data stream TDS in a broad- ^^^^ °^^P^^ terminals of the secure microprocessor, 

cast mode by multiplexer 20. Preferably, the seed is modified ^^eful life of the seed is short since it is changed often, 

frequently, for example, ten times per second. Therefore, example, ten times per second. 

encrypted seed E^^^^ (SEED) is broadcast to all decoders 40 FIG. 3 depicts conventional system 50 having national 

at, for example, ten times per second. In order to recover the 45 control center 52 that contains encoder 10. Transport data 

seed, decoder 40 must gain access to multi-session key stream TDS from encoder 10 is transmitted by an uplink 

MSK, transmitter of national control center 52 to satellite repeater 

Multi-session key MSK is distributed via transport data Satellite repeater 54 transmits this signal so that cable 

stream TDS to authorized decoders 40 (i.e., decoders of head-end 56 receives the signal. Cable head end 56 

subscribers whose monthly bill has been paid). Preferably 50 re-transmits this signal to decoders 40. 

multi-session key MSK is changed once a month. In order 1^ the national transport data stream (NTDS), entitlement 

to distribute multi-session key MSK over transport data management message EMM, which is uniquely addressable 

stream TDS, the multi-session key is encrypted in encryptor to an individual decoder, contains the MSK encrypted with 

26 using secret serial number SSN as the encryption key to ih^ particular decoder's SSN as well as service authorization 

provide encrypted multi-session key E^^ (MSK). Since the 55 information for the particular decoder. In system 50 having 

encrypted multi-session key need only be provided to the national control center 52 that produces national transport 

decoders one time each month, it is possible to address the data stream NTDS, national control center 52 provides both 

encrypted multi-session key to each decoder individually, in Ibe encrypted MSK (i.e., E^^JM^^)) the decoder 

contrast to broadcasting the encrypted seed to all decoders service authorization information. The national center gen- 

simultaneously. In practice, the MSK is addressed and sent, 60 ©rates the appropriate entitlement management messages 

in advance of it being needed, to each decoder many times and addresses them to the individual encoders. The cable 

during each month in order to ensure that, among other head-end operator simply acts as a conduit for this national 

reasons, it is decrypted and available when needed. Multi- transport data stream. 

plexer 20 places encrypted multi-session key E^^ (MSK) in Some cable head-end operators, however, wish to have 

transport data stream IDS only when the subscriber has paid 65 local control over the service authorization information, 

his monthly bill. Each decoder 40 has stored within it a They want to have local control of a decoder's conditional 

unique secret serial number SSN and a corresponding public access to programs and to particular programs. However, the 
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local cable head-end operators do not feel a need to do their FIG. 3 is a block diagram of a known information 

own program encryption. They would like to maintain the distribution system; 

program encryption already performed at the national con- pio. 4 is a format diagram depicting how elementary data 

trol center. streams are encoded in transport packets according to the 

In many cable systems in use today, a national control 5 present invention; 

center performs all of the multiplexing of services, as weU piG. 5 is a functional diagram of a decoder according to 

as the encryption of each service and the global encryption present invention* 

of the enUre payload part of the transport data stream In ^ ^ f^^^^^^ y^^^ ^ 

such a sj^tern cable head-end operators essenUaUy act as ^„„t,„j j„ ^ embodiment of the present 

conduits for this national signal. The national center also 10 j^j^^^^^^^. ^ 

handles all other conditional access duties including placing „ . _ . , . , , 

service authorization information in entitiement manage- ^ ^ functional block diagram of an encryption 

ment messages addressed to each decoder. ^0^^^°^ ^y^^^^ according to another embodiment of the 

Other systems in use today allow the cable head-end ^''^^^ invention, 

operator to have local control over both conditional access * ^ functional block diagram of an encryption 

and encryption. Some operators want the local control ^^^^^^^ .^^^^^^^ according to another embodiment of the 

ability, but the equipment needed is, of course, more expen- P^^^^* invenUon; and 

sive. FIG. 9 is schematic diagram of an information distribu- 

Cable operators wiU warn to somehow differentiate or tion systems according to another embodiment of the present 

control access to different market segments. For example, mvention. 

suppose three cable compames were operating in a given DETAILED DESCRIFnON OF PREFERRED 

area. It all or them supplied their subscribers with a national ^^,^t* ^y-xTrr^ 

. , . , u u- 4 ij EMBODIMENTS 
center s signal, someone subscribmg to one company could 

easily lend his/her settop decoder to someone subscribing to FIG. 4 is a format diagram of a representative transport 

another company. Thus, there is a need for a system which data stream. Video and audio data are prepared in the form 

would allow the cable head-end operator to continue using a packetized elementary stream having a header, a presen- 

the signal supplied by the national center, but yet be able to tation time stamp, and the video itself. The packetized 

control access to different market areas or segments. elementary stream is allocated into the payload section of 

3Q one or more transport packets. Transport packets are pref- 

SUMMARY OF THE INVENTION erably 188 bits in length. Transport packets preferably 

It is an object to the present invention to provide a means ^^^^ a synchronization block and prefix data followed by 

by which a local cable headend operator can distribute P^y^^^^^ ^ata. Standards referred to as MPEG-2 (actually 

national programming service data while controlling access ^^^^^^^ 13818-1), mcorporated herem by reference, define 

by his subscribers to the data. 35 Particular embodiments of the transport data stream. 

„ . , .1 , - , . , . . Multiplexer/encryptor 64 combines individual transport 

■Hiis and other objects are achieved in an encrypUon ^^^^^^ j^j^ ^ „j 

control system to process an input transport data stream into . , . , . . . 
an output transport data stream that includes an input Of particular mterest to the present mvention are entifle- 
demultiplexer, a first secure microprocessor, a second secure management messages EMM and entidement control 
microprocessor and an output multiplexer. The input trans- ^ messages ECM. Tliesemessages are mulUpIexed mto the 
port data stream includes first entidement management Tansport data stream TDS. Entitlement management mes- 
message data. Tlie input demultiplexer culls the first entitle- ^"S^s are addressed to a specific decoder or group of 
ment management message data from the input transport decoders. Entidement control messages are broadcast to all 
data stream, the first entitlement management message data decoders. Seed data encrypted under a multi-session key ,s 
including an encrypted multi-session key. The first secure « mcluded m the data transmitted m the entitlement control 
microprocessor processes the first entitlement management message. Entitlement control message ECM is sent repeat- 
message data to recover the multi-session key by decrypting J^y.^' a '"g^ f'^f' e.^'^^K ten times a second 
the encrypted multi-session key using a first algorithm. The Multi-session key MSK, encrypted under a secret serial 
second secure microprocessor re^ncrypts Uie multi-session "^^"1"' entitlement management message 
key using a second algorithm and formats second entitle- 5° EMM. The entiUement managetnent message is addressed to 
ment management message data based on the first entitle- the decoder that has stored in it the secret senal number used 
ment management message data with the re-encrypted '° «""yP' multi-session key. Entitlement management 
multi-session key substituted for the encrypted multi-session messages are sent mfrequentiy for example, once per 
key. The output multiplexer provides the output transport practical use, the enuUement naanagement mes- 
data stream based on the input transport data stream with the « *»Se >s sent many times per month to each decoder so that 
second entiUement management message data substituted '^"^^^ ^» have Uie opportunity to decrypt and store 
for the first entitlement management message data. multi-session key for Uie upcoming session (e.g., next 

month). At a particular point m time Uie entitlement control 

BRIEF DESCRIPTION OF DRAWINGS message will provide data indicating Uie switch over to the 

jO new multi-session key which was received from an earlier 

The invention will be described in detail in Uie following entiUement management message, 

description of preferred embodiments with reference to the 5 ^ ^ j^^^j^ according to the present inven- 

following figures wherein: fo, decoding Uie input ti-ansport data stream into 

FIGS. lAand IB are basic functional diagrams of known decrypted services 109. De-multiplexer 72 separates from 

encryptors and decryptors, respectively; 55 the transport data stream Uie entitlement control message 74, 

FIGS. 2A and 23 are functional block diagrams of known Uie entitlement tDanagement message 76 and text data 78. 

encoders and decoders, respectively; Other payload portions of the tiansport data stream are 
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provided to decryptor 104. The de-multiplexer 72 provides into local entitlemeat management message (local EMM), 

similar functions to de-multiplexer 30 (FIG. 2B). Decoder Multiplexer 114 reassembles the national encrypted service 

70 includes secure microprocessor 80. Secure microproces- data, the national entitlement control message data, and the 

sor 80 includes secure memory 82 storing secret serial local entitlement management message into a local transport 

number SSN and multi-session key MSK. In secure micro- 5 data stream (local TDS). 

processor 80, conditional access logic 90 retrieves secret The national entitlement management message is pro- 
serial number SSN from secure memory 82 and provides the cessed in cncryptor 124 to recover and store the multi- 
secret serial number to decryptor 84. Decryptor 84 processes session key in memory 126. The multi-session key is pro- 
entiUement management message 76 to recover multi- vided over a secure link 116 to encryptor 134. The mutM- 
scssion MSK at 92. Conditional access logic 90 stores session key is processed in encryptor 134 using secret serial 
multi-session MSK in secure memory 82. Then, conditional number from memory 132, and it is then placed into the local 
access logic 90 reads multi-session key MSK from secure entitlement management message. However, either (1) the 
memory 82 and provides it to decryptor 86. Decryptor 86 encryption algorithm used by encryptor 134 is different than 
processes entitlement control message 74 to recover a plu- encryption algorithm used by the national center to 
rality of seeds and conditional access data 88. Conditional encrypt the multi-session key, or (2) the secret serial num- 
access logic 90 provides global seed 94 of seeds 88 to tiers stored in memory 132 is different than secret serial 
decryptor 104. Conditional access logic 90 processes con- numbers stored in the comparable database used to encrypt 
dilional access data 88 to identify authorized services and multi-session key at the national center, or (3) both, 
provides service selection signal 96 to service Subscnbers of the cable head-end operator will require a 
de-multiplexer 106. For authorized services, conditional f^^^^l^f ^ decryptor for decrypting the multi-session 
access logic 90 provides encrypted service seeds 98 from '° ^.'J algonthm compatible with encryptor 134 
seeds 88 To decryptor 100 for decryption under the multi- P^^^* ^"^'^fy^ ^'""f^"^ f subscribers of the cable 
• 1 - J * J . -J head-end operator will have stored in them secret serial 
ser^ace key For authorized services decryptor 100 provides ^^^^^ ^^^^ correspond to the secret serial numbers stored 
seeds 102 to decryptors 108 for authonzed services. ^ ^^^^^^ (FIG 6). According to the present invention, 
In FIG. 4, individual services (e.g., video 1 or audio 1) 25 a cable head-end operator having an encryption control 
may be encrypted under respective service seeds. The system 110 in his equipment, can securely provide the 
encrypted, or unencrypted services are formatted into data multi-session key to the decoders within his system; 
frame 60. The entirety of the services portion of data frame however, because of the imique encryption algorithm 134 
60 is encrypted under a global seed. The encrypted portion (i.e., unique to the cable head-end operator) and the unique 
of data frame 60 is processed in decryptor 104 (FIG. 5) using 3Q list of secret serial numbers stored in memory 132, the 
global seed 94 to recover the individual services. The decoder provided to the subscriber of the cable head-end 
individual services may be encrypted or they may be unen- operator is not useable to receive national encrypted services 
crypted. The individual services are provided to multiplexer ^om either the satellite repeater station or any other cable 
106 (FIG. 5) where the individual encrypted service data 107 head-end operator. In this way, the cable head-end operator 
is provided to decryptors 108. Decryptor 108 processes the ,5 inay deny access to the national services when, for example, 
encrypted service data 107 using seeds 102 to provide t^e subscriber does not pay his bill. Furthermore the 
decrypted services 109 decoder provided to the subscriber of the cable head-end 
^ ^ * , , , • 1 J operator is not useable to receive encrypted services from 
In FIG 6, encryption control system 110 includes ^ ^^^^^ ^ ^^^^^ 1^^^ 

de-mulUplexer 112, multiplexer 114, first secure micropro- ^ ^^^^^^^ ^ ^ 5,029,207, incorporated by 

cessor 120 and second microprocessor 130. Secure mi^^^^^ 40 reference, some decoders include decryptofs having 

processor 120 mdudes secret senal number mem^^ re-programmable decryption algorithms and/or 

decryptor 124 and multi-session memory 126. Secret serial re-programmable secret serial numbers. Such decryptors are 

number memory 122 functions in the same way that secret re-programmable when specific addressed messages (e.g., 

serial number memory 32 (FIG. 2B) functions. Decryptor the entitlement management messages described herein) are 

124 functions in the same that decryptor 34 (FIG. 2B) 45 received by the particular decoder or group of decoders 

functions. Memory 126 functions in the same way that being addressed. When the national center uses this type of 

memory 82 (FIG. 5) functions. decoder, the local cable he ad -end operator may purchase and 

Second secure microprocessor 130 includes secret serial resell this type of decoder to his subscribers. Then the cable 
number memory 132 and encryptor 134. Memory 132 head-end operator may send appropriate entitlement man- 
functions in the same way that memory 18 (FIG. 2A) 50 agement messages to individual decoders to change the 
functions, and encryptor 134 functions in the same way that algorithm used to decrypt the multi-session key or change 
encryptor 26 (FIG. 2A) functions. De-multiplexer 112 func- the secret serial number address of the decoder. In this way 
tions in the same way that de -multiplexer 30 (FIG. 2B) a larger market exists for a single decoder design, and the 
functions. Multiplexer 114 functions in the same way that cable head-end operator may provide the decoders to his 
multiplexer 20 (FIG. 2 A) functions. 55 subscribers at a lower cost based on the larger market. 

In a typical operation, a national source of transport data In FIG. 7, encryption control system 140 includes 

stream TDS is uplinked to a satellite repeater station. The de-multiplexer 112, multiplexer 114, first secure micropro- 

satellite repeater station downilnks the broadcast of the ccssor 120 and second secure microprocessor 130. First 

national transport data stream TDS to a plurality of cable secure microprocessor 120 includes secret serial number 

head -end operators, at least one of which has encryption 60 memory 122, decryptor 124 and multi-service key memory 

control system 110 within its equipment. The cable head-end 126 performing substantially the same function as is per- 

operator receives the national transport data stream TDS and formed in secure microprocessor 120 of encryption control 

de-multiplexes the data stream into national encrypted ser- system 110 (FIG. 6), Secure microprocessor 120 of encryp- 

vice data stream a national entitlement control message tion control system 140 (FIG. 7) also includes decryptor 142 

(national ECM) and a national entitlement management 65 to process the national entitlement control message using the 

message (national EMM). The national entitlemeDt manage- multi-session key to recover seed data and service autbori- 

ment message is processed in encryption control system 110 zation data. 
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Second secure microprocessor 130 of encryption control agreement between national center and the local cable 
system 140 (FIG. 7) includes secret serial number memory head-end operator. In decoder 70 (FIG. 5) global seed 94 
122, decryptor 124, multi-session key memory 126 and will be correctly recovered. However, encrypted service 
encryptor 144. Memory 122, decryptor 124 and memory 126 seeds 98 (FIG. 5) are encrypted under a multi-service key 
perform substantially the same functions as are performed in $ that is transmitted to all of the subscribers of the national 
memory 122 decryptor 124 and memory 126 of secure center This corresponds to the multi-session key stored in 
microprocessor 120 of encryption control system 110 (FIG. memory 126 of secure microprocessor 120 of encryption 
6), the function being to recover the multi-session key. control system 140 (FIG. 7), Unfortunately, it is the special 
Encryptor 144 processes seed and service authorization data multi-session key stored in memory 126 of second secure 
using the multi-session key retrieved from memory 126 to microprocessor 130 that would be transmitted by special 
provide local entitlement control messages. Multiplexer 144 agreement between the national center and the local head- 
reformats a local transport data stream from the national operator in the national entitlement management mes- 
transport data stream with the national entitlement control ^^S^ addressed to the decoders of the subscribers of the local 
message replaced by the local entiUement control message. head-end operators. Thus, the subscribers of the local head- 
Cable head-end operators having encryption control sys- ,5 end operator would be able to recover only the special 
4 ^A^\ • ' 4 -J J J * *u ■ multi-session key and would not be able to recover service 
tern 140 m their equipment, may provide decoder, to their ^^^^ ^^,2 (FIG. 5). However, such arrangement may have 
subscnbers of the cable head-end operatois, decoders havmg ^^^^ ^^en individual services are sent unencrypted, the 
a special (i.e., unique) decryption algonthm for decryptmg ^^^^^ g^^vice data being globally encrypted, 
the seed using the mulU-session key. TTie encryptor 144 of ^ encryption system 150 includes de-multiplexer 
encryption control system 140 encrypt, the seed usmg an 20 112, multiplexer 114, first secure microprocessor 120, sec- 
encryption algorithm that corresponds to the seed decryption o^d secure microprocessor 130, seed generator 152, global 
algorithm provided m the decoders. In this way, the decoders service decryptor 154 and global service encryptor 156. In 
so provided are only able to receive seeds when connected FIG. 8, global seed 94 (FIG. 5) is recovered and provided to 
to the particular cable head-end operators equipment. Since global service decryptor 154. National encrypted service 
the local entitlement control message is broadcast to all 25 data is processed in global service decryptor 154 using 
decoders in the cable head-end operator's system, it is not global seed 94 to recover an unencrypted frame of service 
possible to disable individual decoders. However, the cable data. However, the unencrypted frame of service data may 
head-end operator may alter the service authorization data have individual services encrypted, but die frame of service 
decrypted in decryptor 142 prior to being re-encrypted in data is unencrypted. Seed generator 152 simultaneously 
encryptor 144 so as to provide a more limited service (i.e., 30 provides anew seed to global service encryptor 156 and seed 
lower cost service offering) to his subscribers. encryptor 144 of second secure microprocessor 130 of 

As discussed above with respect to FIG. 6, encryption control system 150. 

re-programmable decoders may be provided to the subscrib- In operation, encryption control system 150 recovers an 

ers of the local cable head-end operator under terms that the unencrypted frame of service data from global service 

national center will provide certain specific reprogrmmmg 35 decryptor 154 using global seed 94. Then, the unencrypted 

services for the local cable head-end operator. It is preferable service data is re-encrypted in service encryptor 156 using a 

that the national center provide these re-programming ser- new seed. Simultaneously, the new seed is provided to seed 

vices since the national center prepares the entitlement encryptor 144 where it is encrypted under the multi-session 

management messages addressed to each individual sub- key stored in memory 126 and incorporated in a local 

scriber. Alternatively, the local cable head-end operator 40 entifiement control message. Mtdtiplcxer 114 combines the 

could provide these services if provided with the necessary local entitlement control message with the national entitle- 

secret serial number of the decoders and decryption algo- ment management message and the locally re-encrypted 

rithms of the decoder. The service provided by the national service data to form a local transport data stream. The 

center is to re-program the decryption algorithm used to decoder, for example, decoder 70 of FIG. 5, decodes various 

decrypt the seed data (different than to recover the multi- 45 services, encrypted with the new seed, in the same way that 

session key). In this way, the local cable he ad -end operator it would decode the same services when the seed is gener- 

encrypts seed data in encryptor 144 with an encryption ated by the national center. The decoder is unable to detect 

algorithm compatible with the reprogrammed decoder of his the difference. 

subscriber. This provides a large market for the A unique encryption algorithm may be used for either (1) 
re-programmable decoder while defeating the utility of 50 global service encryptor 156, or (2) seed encryptor 144, or 
taking the re-programmable decoder to another cable net- (3) both. The unique encryption algorithm corresponds to a 
work. Thus, those cable head-end operators who provide respective decrypted algorithm contained in decoder 70 
these re-programmable encoders are less likely to loose their (FIG. 5) provided to the subscribers of the local cable 
investment. head-end operator. In this way, the national entitlement 
It is also possible for the national center to provide 55 management message is used to deliver the multi-session 
addressed entitlement management messages to the indi- key to each decoder including decoders of subscribers of 
vidual subscribers of the local cable head-end operator with cable head-end operatois not having encryption control 
a unique multi-session key, and provide the same multi- system 150 in its equipment. However, decoders with 
session key in an entitlement management message decryption algorithms corresponding to the encryption algo - 
addressed to second secure microprocessor 130 of encryp- 60 rithms used in seed encryptor 144 and global service encryp- 
tion control system 140 (FIG. 7) so that seed and service tor 156 are unusable on other cable systems. Furthermore, 
authorization data will be encrypted under this special should the decoders in question be re-programmable, by 
multi-session key. That is to say, the multi-session key used agreement between the national center and the local head- 
in first secure microprocessor 120 is different than the end operator, it is possible for the national center to 
multi-session key used in second secure microprocessor 130 65 re -program the decryption algorithms in the decoders that 
of encryption control system 140 (FIG. 7). This process to correspond to the encryption algorithms used in seed 
deliver the special multi-session key can be arranged by encryptor 144 and global service encryptor 156. 
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In FIG, 9, information distribution system 160 includes 
national center 162, satellite repeater 164, first user station 
170 and second user station 180. First user station 170 
includes receiver 172, cable head-end modulator 174 and at 
least one digital settop terminal 176, User station 180 5 
includes receiver 172 local encryption control system 182, 
cable head-end modulator 174 and advance digital settop 
terminal 184. 

Encryption control system 182 may be any one of encryp- 
tion control system 110, 140, or 150. In a variant of 10 
encryption system 110, multi-session key encryptor 134 
includes a two stage encryption where a first secret serial 
number encrypts the multi-session key to provide a once 
encrypted key and then the once encrypted key is processed 
through a further encryptor using a second secret serial 15 
number to provide a twice encrypted key. The twice 
encrypted key incorporated is in the local entitlement man- 
agement message and transmitted in the local transport data 
stream (FIG. 6). The local transport data stream is modulated 
in cable head-end modulator 174 and transported to 20 
advanced digital settop terminal 184. Advanced digital set- 
top terminal 184 is, for example, a settop terminal having a 
fixed security element integral with the decoder and a 
replaceable security module (i.e., smart card) pluggable into 
the decoder. For example, see U.S. Pat. No. 5,029,207, 25 
incorporated herein by reference. Advance digital settop 
terminal 184 includes two decryptors to recover the twice 
encrypted multi-session key. One decryptor is included in 
the fixed security element of the set top terminal itself (i.e, 
decoder) and the other decryptor is included in the remov- 
able security module (i.e., smart card). 

In practice, a cable system operator having the same 
equipment as first user station 170 is only capable of 
transporting the national transport data stream to the local 
subscribers. Such an operator may upgrade his equipment by 
adding encryption control system 182 and/or sending a 
corresponding replaceable security module (i.e, smart card), 
to his subscribers. There is no need to replace all of the 
existing settop terminals. 

40 

Persons skilled in the art will appreciate that techniques 
described with respect to FIGS. 6-9 may be mixed and 
combined to provide any desired level of control With 
appropriate mixtures the local cable head-end operator may 
disconnect subscribers who have failed to timely pay their 
bills, and provide low cost service offerings to subscribers 
by modifying conditional access data. 

Having described preferred embodiments of a novel appa- 
ratus and method for local encryption of a global transport 
data stream (which are intended to be illustrative and not 
limiting), it is noted that modifications and variations can be 
made by persons skilled in the art in light of the above 
teachings. It is therefore to be understood that changes may 
be made in the particular embodiments of the invention 
disclosed which are within the scope and spirit of the 
invention as defined by the appended claims. 

Having thus described the invention with the details and 
particularity required by the patent laws, what is claimed and 
desired protected by letters patent is set forth in the 
appended claims: 

What is claimed is: 

1. An encryption control system to process an input 
transport data stream into an output transport data stream, 
the input transport data stream including first entitiement 
management message data, the system comprising: ^5 

an input demultiplexer to cull the first entitiement man- 
agement message data from the input transport data 
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stream, the first entitlement management message data 
including an encrypted multi-session key; 

a first secure microprocessor to process the first entitie- 
ment management message data to recover the multi- 
session key by decrypting tiie encrypted multi-session 
key using a first algorithm; 

a second secure microprocessor to re-encrypt the multi- 
session key using a second algorithm and to format 
second entitiement management message data based on 
the first entitiement management message data with the 
re-encrypted multi-session key substituted for the 
encrypted multi-session key; 

an output multiplexer to provide the output transport data 
stream based on the input transport data stream with the 
second entitiement management message data substi- 
tuted for the first entitiement management message 
data. 

2. The system of claim 1, fiirther comprising first and 
second decoders wherein; 

the first decoder includes first circuitry for recovering the 
multi-session key from the first entitlement manage- 
ment message data, the first circuitry being incapable of 
recovering the multi-session key from the second 
entitiement management message data; and 

the second decoder includes second circuitry for recov- 
ering the multi-session key from the second entitlement 
management message data, the second circuitry being 
incapable of recovering the multi-session key from the 
first entitiement management message data. 

3. An encryption control system to process an input 
transport data stream into an output transport data stream, 
the input transport data stream including first entitlement 
management message data, the system comprising: 

an input demultiplexer to cull the first entitlement man- 
agement message data from the input transport data 
stream, the first entitlement management message data 
including an encrypted multi-session key; 

a first secure microprocessor to process the first entitie- 
ment management message data to recover the 
encrypted multi-session key by decrypting the 
encrypted multi-session key using a first secret serial 
number; 

a second secure microprocessor to re-encrypt the multi- 
session key using a second secret serial number and to 
format second entitiement management message data 
based on the first entitlement management message 
data with the re-encrypted multi-session key substi- 
tuted for the encrypted multi-session key; 

an output multiplexer to provide the output transport data 
stream based on the input transport data stream with the 
second entitiement management message data substi- 
tuted for the first entitiement management message 
data. 

4. An encryption control system to process an input 
transport data stream into an output transport data stream, 
the input transport data stream including first entitlement 
control message data, the system comprising: 

a circuit for receiving a multi-session key; 

an input demultiplexer to cull the first entitlement control 
message data from the input transport data stream, the 
first entitlement control message data including 
encrypted seed data; 

a decryptor to process the first entitlement control mes- 
sage data to recover seed data by decrypting the 
encrypted seed data using the multi-session key and a 
first algorithm; 
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an encryptor to process the recovered seed data using the 
multi-session key and a second algorithm to provide 
re-encrypted seed data and to format second entitle- 
ment control message data based on the first entitle- 
ment control message data with the re-encrypted seed S 
data substituted for the encrypted seed data; and 
an output multiplexer to provide the output transport data 
stream based on the input transport data stream with the 
second entitlement control message data substituted for 
the first entitlement control message data. 10 
5. Ad encryption control system to process an input 
transport data stream into an output transport data stream, 
the input transport data stream including first entidement 
control message data and first encrypted service data, the 
system comprising: IS 

a circuit for receiving a multi-session key; 

an input demultiplexer to cull the first entitlement control 
message data and the first encrypted service data from 
the input transport data stream, the first entitlement 
control message data including encrypted seed data; 

a first decryptor to process the first entitlement control 
message data to recover first seed data by decrypting 
the encrypted seed data using the multi-session key; 

a second decryptor to process the first encrypted service 25 
data using the first seed data to recover unencrypted 
service data; 

a seed generator to generate second seed data; 

a first encryptor to process the second seed data using the 
multi-session key to provide re-encrypted seed data and 
to format second entitlement control message data 
based on the first entitlement control message data with 
the re-encrypted seed data substituted for the encrypted 
seed data; 

a second encryptor to process the unencrypted service 
data using the second seed data to provide second 
encrypted service data; and 

an output multiplexer to provide the output transport data 
stream based on the input transport data stream with the 40 
second entitlement control message data substituted for 
the first entitlement control message data and the 
second encrypted service data substituted for the first 
encrypted service data. 
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6. An information distribution system to broadcast a 
transport data stream through a repeater station to user 
stations, the transport data stream including first and second 
entitlement management message data, the first entitlement 
management message data including a multi-session key 
encrypted using a first algorithm, the second entitlement 
management message data including the multi-session key 
encrypted using a second algorithm, the -information distri- 
bution system comprising: 

a control center to transmit the transport data stream to the 
repeater station; 

a first user station to receive the transport data stream 
from the repeater station, the first user station providing 
the transport data stream to a first plurality of decoders 
without controUing the decoders' access to the trans- 
port data stream; and 

a second user station to receive the transport data stream 
firom the repeater station, the second user station pro- 
viding the transport data stream to a second plurality of 
decoders while controlling the decoders' access to the 
transport data stream. 

7. The system of claim 6, wherein decoders of the first 
plurality of decoders recover the multi-session key from the 
first entitlement management message data by decryption 
based on the first algorithm, and wherein the second user 
station includes: 

a circuit for recovering the multi-session key firom the 
second entitlement management message data by 
decrypting the encrypted multi-session key based on 
the second algorithm; 

a memory to store a local key; 

an encryptor to re-encrypt the multi-session key using the 
local key and the second algorithm to provide third 
entitlement management message data; and 

an output multiplexer to provide a local data stream to the 
second plurality of decoders based on the transport data 
stream with the third entitlement management message 
data substituted for the second entidement management 
message data. 

4* •!*))>•(« *l> 
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